(57) Abstract: An identification system is provided for controlling access to a resource such as a place, an object, data, information,
payment means, or authority to act. The system includes one or more objects (100, 202, 310) each hosting an electronic tag (102,
204, 306); a reading means (106); and a data system (108). The electronic tag (102, 204, 306) has stored identification data (104)
readable by the reading means (106) for processing by the data system (108). The identification system also has registration means
for registering a set of identification data (212, 312) for one or more electronic tags (102, 204, 306). A user (200, 300) is permitted
access to the resource when the user (200, 300) has in his possession at least one of the objects (100, 202, 310) hosting an electronic
tag (102, 204, 306) with registered identification data (212, 312).
Description

IDENTIFICATION SYSTEM AND METHOD
Technical Field

[001] This invention relates to the field of identity authentication and security. In
particular, the invention relates to identification of individuals for controlling access to
resources.

Background Art 

[002] Security is an expanding field in which requirements for authentication of
identity of individuals are becoming increasingly important in many different situations.
Identity authentication encompasses many different levels from simple ticket
requirements for access to a charged entry environment to security requirements for
access to restricted confidential areas.

[003] Access to many different resources is required to be controlled. The resources may
take many different forms including, but not restricted to the following. Physical
resources such as locations (e.g. hotel rooms, secure areas, etc.), physical objects (e.g.
safes, computers, etc.), and data resources (e.g. secure web sites, financial data, etc.).

[004] Existing security arrangements include physical objects such as keys, Smartcards,
etc. which can be passed between single individuals. Physical objects have the
disadvantage that they can be mislaid or stolen. Secure physical mechanisms such as keys
and locks (particularly using Smartcards) have a high cost of installation and upkeep.

[005] There are also security arrangements in which a pass-code is memorised and used
by an individual. Again, it is possible to pass this form of security means between
individuals and, furthermore, it can be passed to more than one individual at a time.
Pass-codes can be inadvertently disclosed to an untrustworthy party. Also, if specific
credentials such as pass-codes remain fixed for long periods of time, there is an
increasing risk of exposure.

[006] Another form of security for individuals is referred to as biometrics, which is the
biological identification of a person which includes the characteristics of structure or
action. For example, iris or retinal patterns, hand geometry, fingerprints, voice
responses to challenges, the dynamics of hand-written signatures, etc. are all forms of
biometrics. Biometrics is a strong form of identity authentication of an individual;
however, many forms have a high failure rate. Also, biometric identifications have the
disadvantage that they are impossible to withdraw.
Disclosure of Invention

[007] The aim of the present invention is to provide an improved identification system.
The proposed system uses simple ergonomics and is easy to use. There is also a
potential for many standards to be applied using the proposed system.

[008] The present invention provides an identification system in which the
means changes over time at any required interval making the system hard to predict
and strengthening the system against impostors.

[009] The proposed identification system may provide moveable credentials that enable
the physical proximity of an individual to a physical location to result in security
actions.

[010] According to a first aspect of the present invention there is provided an
identification system for controlling access to a resource, the system including: one or more
objects each hosting an electronic tag; a reading means; and a data system; the
electronic tag having stored identification data readable by the reading means for
processing by the data system, and the identification system having registration means
for registering a set of identification data for one or more electronic tags, wherein a
user is permitted access to the resource when the user has in his possession at least one
of the objects hosting an electronic tag with registered identification data.

[011] The resource may be one of the group of a place, an object, data, information,
payment means, or authority to act.

[012] Preferably, the electronic tags are radio frequency identification tags.

[013] In one embodiment, the user may be permitted access to the resource when all the
electronic tags in the registered set are present. In an alternative embodiment, the user
may be permitted access to the resource when a sub-set of the electronic tags in the
registered set are present.

[014] A reading means may be provided at a point of access to the resource and the
reading means may automatically identify the tag identification data and seek
authorisation from the data system.

[015] The registration means may include authentication means for authentication of the
user. The authentication means may use public key infrastructure. For example, by a
user signing the registered set with a private key and providing a public key to a party
seeking authentication.

[016] The step of registering a set of identification data may include providing a reference
to the set. The reference is the tag identification data of one of the registered set of
identification data selected according to predefined selection criteria. The predefined
selection criteria may include the type of object in which the tag is hosted and a count
of the sorted identification data.

[017] The registered set of identification data may have a reference. The reference may be
the tag identification data of one of the registered set of identification data selected
according to predefined selection criteria. The predefined selection criteria may
include the type of object in which the tag is hosted and a count of the sorted
identification data.

[018] The registration means may generate a record of the set of registered identification
data, the record including a reference to the user, and one or more attributes of the
user. The user may be identified by reading the identification data of the tags in his
possession and referring to the record in the data system.

[019] The data system is preferably accessible via a network.

[020] There may be provided an interface for the registration means for confirming the
registered set of identification data. The registration means may have a default for
accepting or rejecting identification data of tags hosted in predefined types of objects.

[021] Preferably, the objects are objects habitually carried on a person including clothing,
personal effects, and consumables.

[022] The registered set may have an expiry time or may be superseded when another set
is registered.

[023] According to a second aspect of the present invention there is provided an
identification method comprising: registering a set of identification data for one or more
electronic tags, each tag being hosted in an object; a user carrying one or more of the
objects; scanning a user to read the identification data of the electronic tags hosted in
the objects being carried by the user; comparing the scanned identification data with
the registered identification data; and permitting access by the user to a resource if the
scanned identification data is a sub-set of the registered identification data.

[024] The resource may be one of the group of a place, an object, data, information,
payment means, or authority to act.

[025] Preferably, the electronic tags are radio frequency identification tags.

[026] In one embodiment, the user is permitted access to the resource when all the
electronic tags in the registered set are present. In an alternative embodiment, the user
may be permitted access to the resource when any sub-set of the electronic tags in the
registered set are present.

[027] The step of registering may include authentication of a user. The authentication may
use public key infrastructure.

[028] The registration may generate a record of the set of registered identification data
including a reference to the user, and one or more attributes of the user. The user may
be identified by scanning the identification data of the tags in his possession and
referring to the record.

[029] The registered set of identification data is preferably accessible via a network. 

[030] The step of registering may include the user confirming the registered set of
identification data. In addition, the step of registering may include defaulting to accept or
reject identification data of tags hosted in predefined types of objects.

[031] The objects are preferably objects habitually carried on a person including clothing,
personal effects, and consumables.

[032] The step of registering may be repeated at time intervals.

[033] According to a third aspect of the present invention there is provided an
identification system for controlling access to a resource, the system including: an object
hosting an electronic tag; a reading means; and a data system; the electronic tag having
stored identification data readable by the reading means for processing by the data
system, and wherein a user is permitted access to the resource when the user has in his
possession the object hosting the electronic tag.

[034] According to a fourth aspect of the present invention there is provided an
identification service comprising: registering a set of identification data (212, 312) for one
or more electronic tags (102, 204, 306), each tag being hosted in an object (100, 202,
310); a user (200, 300) carrying one or more of the objects (100, 202, 310); scanning a
user (200, 300) to read the identification data (104) of the electronic tags (102, 204,
306) hosted in the objects (100, 202, 310) being carried by the user (200, 300);
comparing the scanned identification data (104) with the registered identification data
(212, 312); and permitting access by the user (200, 300) to a resource if the scanned
identification data is a sub-set of the registered identification data (212, 312).
Brief Description of the Drawings 

[035] Embodiments of the present invention will now be described, by way of examples 
only, with reference to the accompanying drawings in which: 

[036] Figures 1A and 1B are block diagrams of a tag system used in an identification
system in accordance with the present invention;

[037] Figure 2 is a schematic diagram of an identification system in accordance with a
first embodiment of the present invention; and

[038] Figure 3 is a schematic diagram of an identification system in accordance with a
second embodiment of the present invention.
Mode for the Invention 

[039] An identification system is provided in which objects are tagged with electronic
tags. One or more tags can be inserted into any form of object at the time of
manufacture and may remain in the object until the object is destroyed. It may also be
possible to destroy or deactivate the tag before the object hosting it is destroyed.
Similarly a tag may be added to an object at any time during the lifetime of the object.

[040] Radio frequency identification (RFID) technology in which tags are provided
in the form of transponders that are embedded in items to act as identifiers of the items.
Readers or scanners act as an interface between the transponders and a data
environment. Transponders and the means used to read them are available in a number of
forms. Any suitable form can be used for the purposes of the present invention.

[041] Further information and detail of different forms of RFID systems can be found in
the following references: http-7/wvmidtechex.coin; ht:^-iytag8y8.net; and
http://tftagsltd.cxxnL

[042] Referring to Figure 1A, an item 100 has a tag 102 embedded in it. The tag 102 is
embedded in a way that it is securely but unobtrusively attached to the item 100. The
form of attachment will depend on the nature of the item 100. The tag 102 is in the
form of a transponder including a microchip with a memory capacity for holding data
104. The form of the transponder may vary according to the system being used. For
example, transponders may differ in size, memory capacity, physical construction and
distance over which they can be operated. As an example only, a transponder may have
a memory capacity of 64 bits and a range of read in the order of 1 to 2 meters.

[043] A transponder may be a passive type which is energised by an external source
provided by the reader 106. Alternatively, a transponder may be an active type with
built-in energy means, for example, a battery.

[044] A reader 106 is provided in any location in which tags 102 will be read to obtain the
data 104 held in the tags 102. The reader includes a reading means 110 which scans
and reads the data 104 held in the microchip of the tags 102. The reader 106 has
temporary storage means 112 for storing the read data 104 and transmitting means 114
for transmitting the read data 104 to a data processing system 108.

[045] The data processing system 108 has a receiving means 116 for receiving the read
data 104 from the transmitting means 114 of the reader 106. The data processing
system 108 also has data processing means 118 and a database 120 for storing the data
104 obtained from the tags 102. The data processing system 108 can be provided in the
form of a computer with network communication in which access is available to the
information held in the database via the network. For example, the network may be the
Internet allowing public access to a public part of the database via a web site.

[046] Figure 1B shows the communication of the data processing system 108 with a
network environment 130. The network environment 130 includes a public web site
132 of the data processing system 108 which can be accessed by users of the
identification system. The public web site 132 can include published identification data 104
as described further below. The network environment 130 can also connect, for
example, a credit card company's system 134 and a merchant's system 136.
[047] The identification system operates by an individual carrying on his person one or
more objects hosting one or more tags. As an example, the items can be everyday
items such as articles of clothing, personal effects such as watches, mobile phones,
keys, etc. which can all host tags. In this way, instead of the data held within the tag
being used to identify the object the tag is embedded in, the data is used to identify the
individual carrying the object and to authorise the individual to access a resource.

[048] A user may be any entity such as an individual, a group of individuals,
etc. A user is registered at a point in time with a set of tags. Registration is carried out
by scanning the tags to obtain the identification data for
identification data for each of the tags in the set is stored with a reference for the user.

[049] Referring to Figure 2, a user 200 has a plurality of tags 204 embedded in different
items 202. At registration, a record 206 is generated which contains a reference 208,
optional attributes relating to the user 200, and the identification data 212 for each of
the tags 204 to be associated with the user 200.

[050] The reference 208 for the user 200 may be the name of the user or, depending on
the level of security required, any reference to the user. If the system is used for
security, for example to control access to confidential resources, the system may
authenticate a user by additional authentication means. Personal details can be recorded
as attributes 210 in the record 206. The attributes 210 can include biometric
information of the user 200.

[051] The system can require that the user 200 be in possession of the total set of
registered tags for access to a resource to be permitted. Alternatively, a sub-set of the
registered set of tags can be sufficient for access to be permitted. The sub-set could be
any permutation of the total set or a minimum number of tags may be required.

[052] The user 200 can use a sub-set of the set of recorded tags 204 for a specific security
requirement. The sub-set used can change over time and can be random or chosen by
the user 200. A user 200 can create short or long term credentials from hours to days
by effectively being scanned for tags present and using a sub-set of the tags as a
signature.

[053] The change in the sub-set of tags being carried by a user could change at intervals.
This churn of tag sub-sets makes the identification system hard to predict and prevents
tags being covertly acquired by another party. Also, as the tags are embedded in
objects that may be worn or carried by the user, the unauthorised acquisition of tags by
a third party is made very difficult. As the tags are low cost items, they may be
embedded in a wide range of items which enables the churn of sub-sets and makes the
prediction of the sub-set at a particular time impossible.

[054] A checksum mechanism can be provided for combining the identification data of
the tags to reduce the tracing of specific identifications.

[055] The registration of the set of tags may be for a group of individuals each of whom is
authorised to the same level for access to common resources. Each individual will
possess a sub-set of the registered tags and a selection of any individual's sub-set will
allow access to the common resource.

[056] In one embodiment of the system, the reference 208 in the record 206 is
automatically generated from the tag identification data 212. Once the tags 204 have been
scanned at registration, one of the tags 204 is automatically selected by the system to
be the reference. This could be done by the system ordering the identification data 212
by the content in numerical order and selecting a predetermined number tag, for
example the fifth tag in the ordered list. This tag then becomes the reference tag.

[057] The tag identification data can indicate a type of object 202 in which the tag 204 is
hosted. This means that the reference tag could be chosen from only the tags 204
hosted in particular types of object. The type of object could be designated by value,
age, product type, etc. This avoids a tag being selected as the reference tag when it is
housed in a consumable object which may have been discarded by the user.

[058] A user 200 does not then need to provide the reference himself to the record. A
scanning of the user 200 will locate the tags 204 in his possession. The data processing
system will order the tag identifications 212 and select the predetermined tag of a
group of tags hosted in particular types of objects. The data processing system can then
search through the records 206 of users using the selected tag identification as the
reference to locate the correct record 206 for the user 200.
[059] At the time of registration of tag identifications, an interface may be provided for
enabling the scanned information obtained by a reader to be reviewed, altered
confirmed by the user. When a user is scanned he may have tags in his possession
which he will not keep with him during the entire time period of the registration. Tags
may be included in low cost items such as drink cans which will only be in the user's
possession temporarily. Tag identifications for such items will need to be deleted from
the registered set. Default mechanisms can be provided in the interface for accepting or
rejecting tag identifications for predefined types of objects.
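
The registration and lookup flow of paragraphs [051], [056] to [059] and [074], as an added example that is not part of the patent text: it rejects consumables by default, derives the reference from the fifth sorted tag of the eligible object types, and shows that the record can no longer be located once one eligible item is left behind. The class names, object-type labels and tag values are constructed for illustration, and ignoring consumables at scan time is an assumption.

```python
from dataclasses import dataclass

# Assumed policy values; the page names the ideas but fixes no encodings.
REFERENCE_TYPES = {"clothing"}    # object types a reference tag may come from
REJECTED_TYPES = {"consumable"}   # rejected by default at registration
REFERENCE_POSITION = 5            # "the fifth tag in the ordered list"


@dataclass(frozen=True)
class Tag:
    tag_id: int        # identification data read from the tag
    object_type: str   # type of object hosting the tag


@dataclass(frozen=True)
class Record:
    user: str
    tag_ids: frozenset
    reference: int
    expires_at: float


def reference_tag(tags, position=REFERENCE_POSITION):
    """Sort eligible tag ids numerically; return the position-th, or None."""
    eligible = sorted({t.tag_id for t in tags if t.object_type in REFERENCE_TYPES})
    return eligible[position - 1] if len(eligible) >= position else None


class Registry:
    def __init__(self):
        self._by_reference = {}

    def register(self, user, scanned, now, ttl):
        accepted = [t for t in scanned if t.object_type not in REJECTED_TYPES]
        ref = reference_tag(accepted)
        if ref is None:
            raise ValueError("not enough eligible tags to derive a reference")
        holder = self._by_reference.get(ref)
        if holder is not None and holder.user != user:
            raise ValueError("reference tag already identifies another user")
        # A new registration supersedes the user's earlier one.
        self._by_reference = {
            k: r for k, r in self._by_reference.items() if r.user != user
        }
        record = Record(user, frozenset(t.tag_id for t in accepted), ref, now + ttl)
        self._by_reference[ref] = record
        return record

    def authorise(self, scanned, now, min_tags):
        # Assumption: consumables are ignored at scan time as well.
        carried = [t for t in scanned if t.object_type not in REJECTED_TYPES]
        record = self._by_reference.get(reference_tag(carried))
        if record is None:
            return (False, "no record for reference tag")
        if now >= record.expires_at:
            return (False, "registration expired")
        present = {t.tag_id for t in carried}
        if not present <= record.tag_ids:
            return (False, "unregistered tag in scan")
        if len(present) < min_tags:
            return (False, "too few registered tags")
        return (True, record.user)


# Constructed sample tags.
CLOTHING = [Tag(i, "clothing") for i in (1101, 1102, 1203, 1304, 1405, 1506)]
PHONE = Tag(9001, "personal_effect")
WATCH = Tag(9002, "personal_effect")
KEYS = Tag(9003, "personal_effect")
DRINK_CAN = Tag(7001, "consumable")


def demo():
    registry = Registry()
    registry.register("alice", CLOTHING + [PHONE, WATCH, KEYS, DRINK_CAN],
                      now=0, ttl=86400)
    without_jacket = [t for t in CLOTHING if t.tag_id != 1102]
    other_can = Tag(7002, "consumable")
    borrowed = Tag(9999, "personal_effect")
    return {
        "sub-set carried": registry.authorise(CLOTHING + [PHONE], 3600, 6),
        "new consumable": registry.authorise(CLOTHING + [PHONE, other_can], 3600, 6),
        "jacket left behind": registry.authorise(without_jacket + [PHONE, WATCH, KEYS], 3600, 6),
        "borrowed item": registry.authorise(CLOTHING + [borrowed], 3600, 6),
        "after expiry": registry.authorise(CLOTHING + [PHONE], 90000, 6),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

Leaving one clothing item behind shifts the fifth sorted tag, so the scan no longer resolves to the record even though every tag carried is registered.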

[060] At a point of registration, the user can sign or authenticate the set using some
additional authentication mechanism such as a user id/password, private key, or trusted
set of tags.

[061] Referring to Figure 3, an embodiment is shown in which a user certifies the tag
identification data providing an additional level of security to the system.

[062] A user 300 has a private key 302 of an asymmetric private/public key pair. The
public key 304 corresponding to the private key 302 is provided by the user 300 or
published by a third party to a party operating in the identification system, as required.
The public key 304 may be certified by an official trusted authority to form a
certificate.

[063] Public key cryptography uses an asymmetric algorithm in which the encryption and
decryption keys are different and for which it is infeasible to compute one key
knowing only the other. Users receive (or, with suitable hardware or software, can
generate for themselves) a pair of keys - that is, two large numbers. The user keeps one
of these keys private and never discloses it. The other key can be safely made public,
just like a phone number or similar personal
algorithm and the way the keys are generated, information encrypted with the private
key can only be decrypted with the public key and vice versa.

[064] The user 300 can encrypt a message with his private key 302. This does not provide
confidentiality, because anyone who knows the public key 304 can decrypt it. But the
fact that they can decrypt it means the message must have come from the user - who
alone has the private key 302. This provides integrity and authentication and can also
be used as a basis for non-repudiation - the digital equivalent of a signature.

[065] The user 300 has a set of tags 306 which are hosted by a variety of objects 310 in
the user's possession. At a registration point in time, the user 300 registers his identity
with the set of tags 306. This can be done by all the tags 306 being scanned by a reader
as shown in Figures 1A and 1B in order for the identification data 312 of the tags 306
to be electronically recorded in a database. Some of the scanned tags 306 can be
deselected at registration, if required.

[066] A digital certificate 308 is then created including the name 314 of the user 300 and
the list of the identification data 312 of the tags 306 associated with the user 300. The
digital certificate 308 is signed by the user 300 with the user's private key 302.

[067] The digital certificate 308 is then published in a public place or made available for
access by another system. The digital certificate 308 can be accessed via a computer
network such as the Internet by a party wishing to authenticate a user 300. The party is
provided with the public key 304 of the user in order to enable the party to be sure that
the digital certificate 308 is that of the user 300.

[068] The information in the digital certificate 308 is in plaintext and available to be read
by all parties to find out the tag identification data 312. As a further level of security, if
required, the information in the digital certificate 308, or any part of it, can be
encrypted so that only specific users can access the information.

[069] For example, the data in the certificate 308 can be encrypted with the user's private
key 302 and the data will only be available to parties who have the public key 304 of
the user 300. The number of people who have access to the public key 304 can be
controlled by the user 300 or by the operator of the identification system. This provides
an added level of security to both the user 300 and the party obtaining authentication of
the user 300.

[070] The identification system may be used to enable, for example, authorisation of
payment by a user using the tag identification as authentication.

[071] A credit card company may operate a database of identification data relating to
account holders. Each account holder is registered with the credit card company by
recording a set of tag identifications for an account. The registration procedure will
require authentication by means of a mechanism such as public key infrastructure, a
pass-code, or other means.

[072] The credit card company will hold a certificate containing the tag identification
data, account details and credit limit for the account holder. The registration is done to
the credit card company source only and so is private. The registered data can change
regularly, for example daily, by sending the updated tag identification data to the credit
card company every morning. This increases the security of the system and means that
the registered set of tags are hosted in items in the possession of the user that day.

[073] An account holder wishing to make a payment is scanned for a sub-set of the
registered tags and authorisation for payment is sought by the trader from the credit
card company. The credit card company will identify the account from the sub-set of
tags and will know from the certificate how much the account holder is authorised to
spend. If within the credit limit, payment is authorised. This process can be carried out
automatically in a data environment with a tag reader provided at a place of trade.

[074] The record of registered tags can have an expiry time or can be valid until
superseded by the subsequent registration of a new or amended set of tag
identifications. In the case of a payment mechanism, the expiry time should be short to
increase the security.

[075] Example 1

[076] A user wishes to buy a ticket to a concert. The user has been registered with a total
set of tags including a tag in his mobile phone. The user wishes to use his mobile
phone as the ticket.

[077] The user contacts the ticket office and buys the ticket. He gives his public
registration reference to the ticket office. The ticket office accesses via the Internet the
registration of the user from the reference. The registration provides the user's tag
identification details.

[078] The ticket office then enters the tag identification for the mobile phone in its
database and the mobile phone will act as the ticket.

[079] The user arrives at the concert with his mobile phone. He is scanned as he enters the
concert. The scan identifies the tag of the mobile phone as being a ticket on the ticket
office database and allows the user automatic entry into the concert.

[080] As an alternative, the user may inform the ticket office directly of the tag
identification he wishes to use as the ticket. This could be achieved by the user's mobile
phone being scanned by the ticket office at the time of purchase, if the purchase was
being made in person.

[081] In this way the tag in an object is used as a ticket as a record showing the holder is
entitled to certain rights.
[082] Example 2

[083] Access to a computer by a user can be controlled using a sub-set of tags. The
computer has a reader for obtaining tag identification data. The user registers his total
set of tags with the computer.

[084] The computer rests in a secure mode, for example, with a locked screen. When the
user is in a predefined vicinity of the computer the computer will identify the tags in
the possession of the user. If the tags form a sub-set of the total set of tags registered
for that user, the computer will allow access to the user and will de-activate the secure
mode.

[085] Similarly, when the user walks away from the computer, the reader in the computer
will not be able to sense the tags and will again enter the secure mode.

[086] The computer can be programmed to respond to other changes in the environment
in the predefined vicinity of the computer. For example, if someone approaches the
computer without security clearance, the screen will screen save.

[087] In this way, given the user's tag profile, the system can provide access to services
without any formal interaction with the computer.

[088] Example 3

[089] Payment for goods at a checkout can be carried out automatically using the tags in
the possession of a customer.

[090] As the customer moves to the checkout area the tags in the goods being purchased
are scanned by a reader. The sub-set of tags in the customer's possession of the
registered tag set are also scanned.

[091] The customer provides a reference to his public certificate and the authentication is
performed. The reference may be a postcode or loyalty card, for example.

[092] The reference may alternatively be one of the registered tags hosted in a predefined
type of object in the customer's possession. The data processing system of the shop
sorts the scanned tag identification data into numerical order and selects, for example,
the fifth tag of a group of tags hosted in objects with a value over a certain amount or
hosted in clothing objects. This is the reference tag and its identification data is used to
search for the customer's public certificate on a credit card company system connected
to the shop system via a network.

[093] A credit card payment transaction is initiated following confirmation from the
customer that he wishes to purchase all the scanned goods. The confirmation can be by
signature, press of a button or verbal agreement.

[094] Example 4

[095] In this example, a car is the resource to which access is required. When a user
enters a car, a reader scans the user for tag identifications. For a car, the registered set
of tags may be held in a certificate which persists for a longer period. The sub-set of
tags is compared to the certificate with the registered set of tags. This is done
automatically by a data system in the car via local wireless technology.



WO 2005/001671 PCT/EP2004/051176
GB030018



[096] A car can also be the registration point for a user. Each morning a user can enter his
car with his car key. The car key provides the additional authentication mechanism.
Alternatively, the additional authentication mechanism may
predefined tag (for example, in a wallet) or group of tags.

[097] The car identifies the user by the additional authentication mechanism and scans the
user using a built in reader. The reader identifies all the tags in the possession of the
user on that occasion.

[098] An interface of the reader displays to the user the tag identifications located and
provides an opportunity for the user to amend the set to be registered. The interface
may have defaults for accepting or rejecting tags in certain items. For example, all tags
in clothing may be accepted and all tags in temporary items such as consumables, for
example confectionery packets, may be rejected.

[099] Once the user has accepted the set of tags, the car data system can register the set
and communicate the registered set to other destinations, for example to the database
of the user's workplace.

[100] On entering the workplace, the user is scanned by a reader and the tag
identifications are checked against the registered set held in the database. As this database
has already been updated by the car registration system the user is permitted access to
the workplace automatically.

[101] The above examples show the wide range of applications of the described
identification system. The strength of the system lies in the unpredictable nature of the tag
identifications which will be used at any time. As the tags are low cost items, their use
in objects can be widespread providing a high number of tags being recorded resulting
in lots of permutations of the set.

[102] Improvements and modifications can be made to the foregoing without departing
from the scope of the present invention.
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Claims 

[001] An identification system for controlling access to a resource, the system
including: one or more objects (100, 202, 310) each hosting an electronic tag
(102, 204, 306); a reading means (106); and a data system (108); the electronic
tag (102, 204, 306) having stored identification data (104) readable by the
reading means (106) for processing by the data system (108), and the
identification system having registration means for registering a set of identification
data (212, 312) for one or more electronic tags (102, 204, 306), wherein a user
(200, 300) is permitted access to the resource when the user (200, 300) has in his
possession at least one of the objects (100, 202, 310) hosting an electronic tag
(102, 204, 306) with registered identification data (104).

[002] An identification system as claimed in claim 1, wherein the resource is one of the
group of a place, an object, data, information, payment means, or authority to act.

[003] An identification system as claimed in claim 1 or claim 2, wherein the electronic
tags (102, 204, 306) are radio frequency identification tags.

[004] An identification system as claimed in any one of claims 1 to 3, wherein the user
(200, 300) is permitted access to the resource when all the electronic tags in the
registered set are present.

[005] An identification system as claimed in any one of claims 1 to 3, wherein the user
(200, 300) is permitted access to the resource when a sub-set of the electronic
tags in the registered set is present.

[006] An identification system as claimed in any one of the preceding claims, wherein
a reading means (106) is provided at a point of access to the resource and the
reading means (106) automatically identifies the tag identification data (104) and
seeks authorisation from the data system (108).

[007] An identification system as claimed in any one of the preceding claims, wherein
the registration means includes authentication means for authentication of the
user.

[008] An identification system as claimed in claim 7, wherein the authentication means
uses public key infrastructure (308).

[009] An identification system as claimed in any one of the preceding claims, wherein
the registered set of identification data (212, 312) has a reference (208).

[010] An identification system as claimed in claim 9, wherein the reference (208) is the
tag identification data (104) of one of the registered set of identification data
(212, 312) selected according to predefined selection criteria.

[011] An identification system as claimed in claim 10, wherein the predefined selection
criteria include the type of object in which the tag is hosted and a count of the
sorted identification data.

[012] An identification system as claimed in any one of the preceding claims, wherein
the registration means generates a record (206, 308) of the set of registered
identification data (212, 312), the record including a reference to the user (208, 314),
and one or more attributes (210) of the user (200, 300).

[013] An identification system as claimed in claim 12, wherein the user (200, 300) is
identified by reading the identification data (104) of the tags (102, 204, 306) in
his possession and referring to the record (206, 308) in the data system (108).

[014] An identification system as claimed in any one of the preceding claims, wherein
the data system (108) is accessible via a network.

[015] An identification system as claimed in any one of the preceding claims, wherein
there is provided an interface for the registration means for confirming the
registered set of identification data (212, 312).

[016] An identification system as claimed in claim 15, wherein the registration means
has a default for accepting or rejecting identification data of tags hosted in
predefined types of objects.

[017] An identification system as claimed in any one of the preceding claims, wherein
the objects (100, 202, 310) are objects habitually carried on a person including
clothing, personal effects, and consumables.

[018] An identification system as claimed in any one of the preceding claims, wherein
the registered set has an expiry time.

[019] An identification method comprising: registering a set of identification data (212,
312) for one or more electronic tags (102, 204, 306), each tag being hosted in an
object (100, 202, 310); a user (200, 300) carrying one or more of the objects
(100, 202, 310); scanning a user (200, 300) to read the identification data (104)
of the electronic tags (102, 204, 306) hosted in the objects (100, 202, 310) being
carried by the user (200, 300); comparing the scanned identification data (104)
with the registered identification data (212, 312); and permitting access by the
user (200, 300) to a resource if the scanned identification data is a sub-set of the
registered identification data (212, 312).

[020] An identification method as claimed in claim 19, wherein the resource is one of
the group of a place, an object, data, information, payment means, or authority to
act.

[021] An identification method as claimed in claim 19 or claim 20, wherein the
electronic tags (100, 202, 310) are radio frequency identification tags.

[022] An identification method as claimed in any one of claims 19 to 21, wherein the
user (200, 300) is permitted access to the resource when all the electronic tags
(102, 204, 306) in the registered set are present.

[023] An identification method as claimed in any one of claims 19 to 22, wherein the
user (200, 300) is permitted access to the resource when any sub-set of the
electronic tags (102, 204, 306) in the registered set are present.

[024] An identification method as claimed in any one of claims 19 to 23, wherein the
step of registering includes authentication of a user (200, 300).

[025] An identification method as claimed in claim 24, wherein the authentication uses
public key infrastructure (308).

[026] An identification method as claimed in any one of claims 19 to 25, wherein the
step of registering a set of identification data (212, 312) includes providing a
reference (208) to the set.

[027] An identification method as claimed in claim 26, wherein the reference (208) is
the tag identification data (104) of one of the registered set of identification data
(212, 312) selected according to predefined selection criteria.

[028] An identification method as claimed in claim 27, wherein the predefined
selection criteria include the type of object in which the tag is hosted and a count
of the sorted identification data.

[029] An identification method as claimed in any one of claims 19 to 28, wherein the
registration generates a record (206, 308) of the set of registered identification
data (212, 312), the record including a reference to the user (208, 314), and one
or more attributes (210) of the user.

[030] An identification method as claimed in claim 29, wherein the user (200, 300) is
identified by scanning the identification data (104) of the tags in his possession
and referring to the record (206, 308).

[031] An identification method as claimed in any one of claims 19 to 30, wherein the
registered set of identification data (212, 312) is accessible via a network.

[032] An identification method as claimed in any one of claims 19 to 31, wherein the
step of registering includes the user (200, 300) confirming the registered set of
identification data.

[033] An identification method as claimed in claim 32, wherein the step of registering
includes defaulting to accept or reject identification data of tags hosted in
predefined types of objects.

[034] An identification method as claimed in any one of claims 19 to 33, wherein the
objects (100, 202, 310) are objects habitually carried on a person including
clothing, personal effects, and consumables.

[035] An identification method as claimed in any one of claims 19 to 34, wherein the
step of registering is repeated at time intervals.

[036] An identification system for controlling access to a resource, the system
including: an object (100, 202, 310) hosting an electronic tag (102, 204, 306); a
reading means (106); and a data system (108); the electronic tag (102, 204, 306)
having stored identification data (104) readable by the reading means (106) for
processing by the data system (108), and wherein a user (200, 300) is permitted
access to the resource when the user has in his possession the object (100, 202,
310) hosting the electronic tag (102, 204, 306).

[037] An identification service comprising: registering a set of identification data (212,
312) for one or more electronic tags (102, 204, 306), each tag being hosted in an
object (100, 202, 310); a user (200, 300) carrying one or more of the objects
(100, 202, 310); scanning a user (200, 300) to read the identification data (104)
of the electronic tags (102, 204, 306) hosted in the objects (100, 202, 310) being
carried by the user (200, 300); comparing the scanned identification data (104)
with the registered identification data (212, 312); and permitting access by the
user (200, 300) to a resource if the scanned identification data is a sub-set of the
registered identification data (212, 312).